GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
37,007 advisories
The Rotating Tweets (Twitter widget and shortcode) plugin for WordPress is vulnerable to Stored...
Moderate | Unreviewed | CVE-2024-5141 was published Jun 6, 2024

The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate | Unreviewed | CVE-2024-2922 was published Jun 6, 2024

The Themesflat Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate | Unreviewed | CVE-2024-4212 was published Jun 6, 2024

The Materialis Companion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...
Moderate | Unreviewed | CVE-2024-4707 was published Jun 6, 2024

The Magical Addons For Elementor ( Header Footer Builder, Free Elementor Widgets, Elementor...
Moderate | Unreviewed | CVE-2024-5161 was published Jun 6, 2024

The Image Hover Effects for Elementor with Lightbox and Flipbox plugin for WordPress is...
Moderate | Unreviewed | CVE-2024-5001 was published Jun 6, 2024

The Custom Dash plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin...
Moderate | Unreviewed | CVE-2024-4942 was published Jun 6, 2024

The Easy Social Like Box – Popup – Sidebar Widget plugin for WordPress is vulnerable to Stored...
Moderate | Unreviewed | CVE-2024-5224 was published Jun 6, 2024

The Simple Image Popup Shortcode plugin for WordPress is vulnerable to Stored Cross-Site...
Moderate | Unreviewed | CVE-2024-5342 was published Jun 6, 2024

The Testimonials Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the...
Moderate | Unreviewed | CVE-2024-4705 was published Jun 6, 2024

The Clever Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting...
Moderate | Unreviewed | CVE-2024-2350 was published Jun 6, 2024

The EasyAzon – Amazon Associates Affiliate Plugin plugin for WordPress is vulnerable to Reflected...
Moderate | Unreviewed | CVE-2023-6956 was published Jun 6, 2024

idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component...
High | Unreviewed | CVE-2024-36670 was published Jun 5, 2024

A vulnerability in the web-based management interface of Cisco Finesse could allow an...
Moderate | Unreviewed | CVE-2024-20405 was published Jun 5, 2024

Typo3 Cross-Site Scripting in Language Pack Handling
Moderate | GHSA-259v-xm34-p7fr was published for typo3/cms (Composer) Jun 5, 2024

Cross-Site Scripting in TYPO3 CMS Backend
Moderate | GHSA-v4qr-8h2v-qpjx was published for typo3/cms (Composer) Jun 5, 2024

Cross-Site Scripting in TYPO3 CMS
Moderate | GHSA-5gr6-97fv-52cc was published for typo3/cms (Composer) Jun 5, 2024

The GP Premium plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the...
Moderate | Unreviewed | CVE-2024-3469 was published Jun 5, 2024

A flaw was found in the Katello plugin for Foreman, where it is possible to store malicious...
Moderate | Unreviewed | CVE-2024-4812 was published Jun 5, 2024

Cross-Site Scripting (XSS) vulnerability in typolinks
Moderate | GHSA-p5c5-gmj4-g48f was published for typo3/cms (Composer) Jun 5, 2024

Cross-Site Scripting (XSS) in TYPO3 Backend
Moderate | GHSA-hq37-rfjc-mr8h was published for typo3/cms (Composer) Jun 5, 2024

Cross-Site Scripting in third party library mso/idna-convert
Moderate | GHSA-qmwf-j7g7-f5jw was published for typo3/cms (Composer) Jun 5, 2024

Cross-Site Scripting in TYPO3 Backend
Moderate | GHSA-86r8-4g3w-7xjp was published for typo3/cms (Composer) Jun 5, 2024

Cross-Site Scripting in TYPO3 Backend
Moderate | GHSA-5wx6-xwxf-q8qj was published for typo3/cms (Composer) Jun 5, 2024

Arbitrary JavaScript execution due to using outdated libraries
Low | GHSA-4m3g-6r7g-jv4f was published for gradio_pdf (pip) Jun 5, 2024
ProTip! Advisories are also available from the GraphQL API.